Produced by Araxis Merge on 5/25/2018 9:22:53 AM Central Daylight Time. See www.araxis.com for information about Merge. This report uses XHTML and CSS2, and is best viewed with a modern standards-compliant browser. For optimum results when printing this report, use landscape orientation and enable printing of background images and colours in your browser.
| # | Location | File | Last Modified |
|---|---|---|---|
| 1 | C:\AraxisMergeCompare\Pri_un\ZIP\DSM-cif\Direct_API\application\views\api\onboarding\services | automatic_reply_create.php | Tue May 22 13:19:28 2018 UTC |
| 2 | C:\AraxisMergeCompare\Pri_re\ZIP\DSM-cif\Direct_API\application\views\api\onboarding\services | automatic_reply_create.php | Thu May 24 22:14:52 2018 UTC |
| Description | Between Files 1 and 2 |
|
|---|---|---|
| Text Blocks | Lines | |
| Unchanged | 5 | 276 |
| Changed | 4 | 11 |
| Inserted | 0 | 0 |
| Removed | 0 | 0 |
| Whitespace | |
|---|---|
| Character case | Differences in character case are significant |
| Line endings | Differences in line endings (CR and LF characters) are ignored |
| CR/LF characters | Not shown in the comparison detail |
No regular expressions were active.
| 1 | <?php | ||
| 2 | /** | ||
| 3 | * @packag e direct-a s-a-servic e | ||
| 4 | * @subpac kage views | ||
| 5 | * @fileso urce | ||
| 6 | */ /** */ | ||
| 7 | |||
| 8 | $this->loa d->view('a pi/header' ); | ||
| 9 | $this->loa d->view('a pi/nav'); | ||
| 10 | ?> | ||
| 11 | <h1><a hre f="/onboar ding/docum entation/" class="un derline">D ocumentati on</a> &ra rr; /direc t/automati c_reply/cr eate - GET </h1> | ||
| 12 | <p>The Aut omatic Rep ly service allows au thorized a pplication s to creat e an “Out of Office” message f or a mailb ox and can accessed by sending a GET req uest to di rect/autom atic_reply /create | ||
| 13 | </p> | ||
| 14 | <h3>Authen tication</ h3> | ||
| 15 | <p> | ||
| 16 | The AP I authenti cation uti lized is b ased upon hash messa ge authent ication co de (HMAC). HMAC is a n authenti cation met hod that c ombines a cryptograp hic hash f unction wi th a secre t cryptogr aphic key. After the successfu l registra tion of an applicati on on the API, a pub lic and pr ivate key like the e xample bel ow will be provision ed for its use. | ||
| 17 | </p> | ||
| 18 | <p class=" code"> | ||
| 19 | Public Key: REDA CTED | ||
| 20 | <br/>P rivate Key : REDACTED | ||
| 21 | </p> | ||
| 22 | <p> | ||
| 23 | On eve ry request that an a pplication sends to the API th ey must in clude an A uthorizati on header. The autho rization h eader is a string th at the API will util ize to con firm the i dentity, a nd the mes sage conte nt, of the sender. T he authori zation hea der consis ts of thre e parts. T he first p art is the API ident ifier, rep resented b y the word "DAAS", w hich stand s for Dire ct as a Se rvice. The API ident ifier is f ollowed by a space t hat separa tes it fro m the iden tifying co ntent. The identifyi ng content consists of the uni que public key and t he base64 encoded HM AC hash ge nerated by the reque st content and the p rivate key , delimite d by a col on. An exa mple of th e authoriz ation head er is belo w. | ||
| 24 | </p> | ||
| 25 | <p class=" code"> | ||
| 26 | Author ization: D AAS REDACT ED: </p> | ||
| 27 | <p> | ||
| 28 | The HM AC string is generat ed by runn ing an HMA C hash fun ction on a plain tex t string a nd the app lication's private k ey. The pl ain text s tring that must be h ashed usin g HMAC is constructe d as follo ws: | ||
| 29 | <ul> | ||
| 30 | <li>HT TP Request Type</li> | ||
| 31 | <li>Da te</li> | ||
| 32 | <li>Co ntent-MD5 (Optional) </li> | ||
| 33 | <li>Co ntent Type (Not incl uding boun dary)</li> | ||
| 34 | <li>UR I</li> | ||
| 35 | </ul> | ||
| 36 | These valu es are sep arated by new line c haracters ("\n"). An example o f the plai n text str ing is bel ow: | ||
| 37 | </p> | ||
| 38 | <p class=" code"> | ||
| 39 | GET\n0 6/03/2013 12:13:56 E ST\niB94ga wbwUSiZy5F uruIOQ==\n multipart/ form-data\ n/direct/a utomatic_r eply/creat e/format/j son | ||
| 40 | </p> | ||
| 41 | <p> | ||
| 42 | The st ring above is hashed with the applicatio n's privat e key usin g the SHA- 256 algori thm. A sni ppet of Ja vaScript c ode showin g an examp le of this is shown below: | ||
| 43 | </p> | ||
| 44 | <p class=" code"> | ||
| 45 | var ha shString = CryptoJS. HmacSHA256 ("GET\n06/ 03/2013 12 :13:56 EDT \niB94gawb wUSiZy5Fur uIOQ==\nmu ltipart/fo rm-data\n/ direct/aut omatic_rep ly/create/ format/jso n","0097cd 109a3b72df 1f988e4a6e 3e344ecc02 cdab9a0373 6bc12463b7 d1b889a8") ; | ||
| 46 | <br/>v ar base64 = encode64 (""+hashSt ring); | ||
| 47 | <br/>var a uthorizati on = "DAAS REDACTED :"+base64; | ||
| 48 | </p> | ||
| 49 | <p> | ||
| 50 | In the example a bove the C ontent MD5 is provid ed but thi s is an op tional fie ld. If the Content M D5 header is not spe cified the n the hash should no t have the MD5 speci fied eithe r. | ||
| 51 | </p> | ||
| 52 | <h3>Header s</h3> | ||
| 53 | <div class ="column"> | ||
| 54 | <div c lass="left "> | ||
| 55 | <u l> | ||
| 56 | <li>Auth orization< /li> | ||
| 57 | <p> | ||
| 58 | The first requ ired heade r is the A uthorizati on header covered in the Authe ntication section at the top o f this pag e. | ||
| 59 | </p> | ||
| 60 | <li>Date or X-Daas -Date</li> | ||
| 61 | <p> | ||
| 62 | The second req uired head er that mu st be incl uded is th e Date hea der. Some browsers w ill not le t an appli cation spe cify the D ate header programma tically, s o in this case it is also acce ptable to use the X- Daas-Date header as the API wi ll interpr et them in terchangea bly. This header sho uld be pop ulated wit h the curr ent date a nd time, i n any stan dard forma t (includi ng time zo ne informa tion if no t time zon e agnostic ), when th e POST req uest is su bmitted. T he value s upplied in the Date header mus t match th e value us ed in the creation o f the hash string fo r the Auth orization header. | ||
| 63 | </p> | ||
| 64 | </ ul> | ||
| 65 | </div> | ||
| 66 | <div c lass="righ t"> | ||
| 67 | <u l> | ||
| 68 | <li>Cont ent-Type</ li> | ||
| 69 | <p> | ||
| 70 | The final requ ired heade r for POST requests is the Con tent-Type. The Conte nt-Type he ader must match the Content-Ty pe provide d in the h ash string for the A uthorizati on header except the hash stri ng does no t include the bounda ry paramet er of the Content-Ty pe if ther e is one ( i.e. appli cation/x-w ww-form-ur lencoded C ontent-Typ e). | ||
| 71 | </p> | ||
| 72 | <li>Cont ent-Md5</l i> | ||
| 73 | <p> | ||
| 74 | The optional h eader is t he Content -Md5 heade r. This he ader shoul d contain an MD5 has h of the e ntire POST body. If this heade r is speci fied then it must al so be incl uded in th e hash str ing for th e Authoriz ation head er. When p rovided, t his serves as an ext ra securit y precauti on above a nd beyond TLS to ens ure the PO ST request sent has not been m odified in transit. | ||
| 75 | </p> | ||
| 76 | </ ul> | ||
| 77 | </div> | ||
| 78 | </div> | ||
| 79 | <h3>Argume nts</h3> | ||
| 80 | <p> | ||
| 81 | There are 4 argu ments that can be se nt to the create aut omatic rep ly web ser vice. | ||
| 82 | </p> | ||
| 83 | <div class ="column"> | ||
| 84 | <div c lass="left "> | ||
| 85 | <u l> | ||
| 86 | <li>Mail box</li> | ||
| 87 | <p> | ||
| 88 | Mailbox Th is is a re quired fie ld which i dentifies which mail box’s mess ages shoul d be retur ned. This is the loc al portion of the Di rect addre ss, i.e., test.user@ direct. DNS is the Dir ect addres s so that passed val ue you wou ld test.us er. | ||
| 89 | </p> | ||
| 90 | <li>Cont ent</li> | ||
| 91 | <p> | ||
| 92 | Cont ent This i s a requir ed field w hich is th e message body of th e Automati c Reply me ssages. | ||
| 93 | </p> | ||
| 94 | </ ul> | ||
| 95 | </div> | ||
| 96 | <div c lass="righ t"> | ||
| 97 | <u l> | ||
| 98 | <li>Star t_at</li> | ||
| 99 | <p> | ||
| 100 | This is an opt ional fiel d which in cludes the current s tart date/ time or la ter date/t ime in ord er to send the autom atic reply message t o users. | ||
| 101 | </p> | ||
| 102 | <li>End_ at</li> | ||
| 103 | <p> | ||
| 104 | This is an opt ional fiel d which in cludes the current e nd date/ti me or date /time afte r the star t date in order to s end the au tomatic re ply messag es to user s. | ||
| 105 | </p> | ||
| 106 | </ ul> | ||
| 107 | </div> | ||
| 108 | </div> | ||
| 109 | <h3>Exampl e Response </h3> | ||
| 110 | <ul> | ||
| 111 | <li>Su ccess</li> | ||
| 112 | <ul> | ||
| 113 | <l i>HTTP-200 , {“reques t_id”:4, “ content”: “sample me ssage for automatic reply”,“ma ilbox_id”: ”2”,”start _at”: “140 3203517”,” end_at”:” 1403203533 ”} | ||
| 114 | </ li> | ||
| 115 | </ul> | ||
| 116 | <li>Er ror</li> | ||
| 117 | <ul> | ||
| 118 | <l i> | ||
| 119 | HTTP-401 , {"reques t_id":5,"m essage":"A ccess Deni ed. Use No t Authoriz ed."} | ||
| 120 | </ li> | ||
| 121 | <l i> | ||
| 122 | HTTP-403 , {"reques t_id":5,"m essage":"A ccess Deni ed. Use No t Authoriz ed."} | ||
| 123 | </ li> | ||
| 124 | <l i> | ||
| 125 | HTTP-403 , {"reques t_id":6,"m essage":"A ccess Deni ed. User N ot Authori zed."} | ||
| 126 | </ li> | ||
| 127 | <l i> | ||
| 128 | HTTP-422 , {"reques t_id":"886 ","fields" :["content "],"messag e":"'conte nt' is a r equired fi eld."} | ||
| 129 | </ li> | ||
| 130 | <l i> | ||
| 131 | HTTP-422 , {"reques t_id":"894 ","message ":"'start_ at' contai ns invalid input","f ields":["s tart_at"]} | ||
| 132 | </ li> | ||
| 133 | </ul> | ||
| 134 | </ul> | ||
| 135 | <h3>Sample Code</h3> | ||
| 136 | <p> | ||
| 137 | Please click <a href="/onb oarding/do cumentatio n/validate _example"> here</a> t o be taken to some s ample code snippets for the va lidate web service. | ||
| 138 | </p> | ||
| 139 | </div> | ||
| 140 | <?PHP $thi s->load->v iew('api/f ooter'); ? > | ||
| 141 | </div> | ||
| 142 | </body> | ||
| 143 | </html> |
Araxis Merge (but not the data content of this report) is Copyright © 1993-2016 Araxis Ltd (www.araxis.com). All rights reserved.